Vulnerability Details CVE-2020-28922
An issue was discovered in Devid Espenschied PC Analyser through 4.10. The PCADRVX64.SYS kernel driver exposes IOCTL functionality that allows low-privilege users to read and write arbitrary physical memory. This could lead to arbitrary Ring-0 code execution and escalation of privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.3%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 7.2
References
- http://www.pcanalyser.de/index.php/historie/
- https://github.com/eset/vulnerability-disclosures
- https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-28922/CVE-2020-28922.md
- http://www.pcanalyser.de/index.php/historie/
- https://github.com/eset/vulnerability-disclosures
- https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-28922/CVE-2020-28922.md
Products affected by CVE-2020-28922
-
cpe:2.3:a:pcanalyser:pc_analyser:4.05
-
cpe:2.3:a:pcanalyser:pc_analyser:4.10